Lucene search
K
ThreatpostMost viewed

15946 matches found

ThreatPost
ThreatPost
added 2019/09/10 12:0 p.m.117 views

Vulnerabilities in D-Link, Comba Routers Can Leak Credentials

Researchers have discovered vulnerabilities in D-Link and Comba Telecom routers that can leak passwords for the devices and have the potential to affect every user on networks that use them for access. Trustwave SpiderLabs Security Researcher Simon Kenin discovered the vulnerabilities—two in a...

0.9AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/07/30 1:8 p.m.117 views

Former AWS Engineer Arrested as Capital One Admits Massive Data Breach

A massive breach of Capital One customer data has hit more than 100 million people in the U.S. and 6 million in Canada. Thanks to a cloud misconfiguration, a hacker was able to access to credit applications, Social Security numbers and bank account numbers in one of the biggest data breaches to...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/06/10 11:47 a.m.117 views

Microsoft Brings HSTS to Windows 7 and 8.1

In the midst of a relatively light Patch Tuesday, Microsoft yesterday introduced an extra measure of security for users running Internet Explorer 11 on Windows 7 and Windows 8.1 machines: HSTS. Short for HTTP Strict Transport Security, HSTS is a browser header that forces any sessions sent over...

9.3CVSS8.3AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2015/01/30 10:59 a.m.117 views

Army Research Lab Releases Dshell Forensics Framework

The U.S. Army has released to open source an internal forensics analysis framework that the Army Research Lab has been using for some time. The framework, known as Dshell, is a Python tool that runs on Linux and its designed to help analysts investigate compromises within their environments. The...

0.3AI score0.99993EPSS
Exploits41References4
ThreatPost
ThreatPost
added 2014/08/27 2:8 p.m.117 views

Microsoft Re-Releases Broken Security Patch MS14-045

Microsoft today re-released security bulletin MS14-045, which was pulled shortly after the August Patch Tuesday updates because a number of users reported crashes and blue screens. The patch was removed from Windows Update on Aug. 15, three days after it was released as part of Microsoft’s monthl...

9.3CVSS0.9AI score0.99945EPSS
Exploits33References4
ThreatPost
ThreatPost
added 2022/06/07 12:45 p.m.116 views

Follina Exploited by State-Sponsored Hackers

Researchers have added state-sponsored hackers to the list of adversaries attempting to exploit Microsoft’s now-patched Follina vulnerability. According to researchers at Proofpoint, state-sponsored hackers have attempted to abuse the Follina vulnerability in Microsoft Office, aiming an email-bas...

9.3CVSS8.4AI score0.99374EPSS
Exploits62References5
ThreatPost
ThreatPost
added 2022/03/30 1:13 p.m.116 views

MSHTML Flaw Exploited to Attack Russian Dissidents

A spearphishing campaign targeting Russian citizens and government entities that are not aligned with the actions of the Russian government is the latest in numerous threats that have emerged since Russia invaded the Ukraine in February. Researchers from MalwareBytes identified a campaign last we...

8.8CVSS8AI score0.96843EPSS
Exploits38References9
ThreatPost
ThreatPost
added 2021/05/17 4:19 p.m.116 views

Bizarro Banking Trojan Sports Sophisticated Backdoor

A never-before-documented Brazilian banking trojan, dubbed Bizarro, is targeting customers of 70 banks scattered throughout Europe and South America, researchers said. According to an analysis from Kaspersky released Monday, Bizarro is a mobile malware, aimed at capturing online-banking credentia...

5.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2021/05/03 6:22 p.m.116 views

Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool

Hewlett Packard Enterprise HPE is urging customers to patch one of its premier edge application management tools that could allow an attacker to carry out a remote authentication bypass attack and infiltrate a customer’s cloud infrastructure. Join Threatpost for “Fortifying Your Business Against...

7.5CVSS0.3AI score0.68293EPSS
Exploits10References10
ThreatPost
ThreatPost
added 2020/11/13 6:11 p.m.116 views

Nation-State Attackers Actively Target COVID-19 Vaccine-Makers

Three nation-state cyberattack groups are actively attempting to hack companies involved in COVID-19 vaccine and treatment research, researchers said. Russia’s APT28 Fancy Bear, the Lazarus Group from North Korea and another North Korea-linked group dubbed Cerium are believed to be behind the...

0.4AI score
Exploits0References10
ThreatPost
ThreatPost
added 2020/01/03 6:58 p.m.116 views

Ransomware Attack Topples Telemarketing Firm, Leaving Hundreds Jobless

A ransomware attack reportedly caused an Arkansas-based telemarketing company to temporarily suspend its operations, leaving hundreds of employees unsure that they still had jobs days before Christmas. The Heritage Company, a 61-year-old telemarketing firm that works with nonprofit organizations,...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/12/13 7:7 p.m.116 views

Elegant sLoad Carries Out Spying, Payload Delivery in BITS

A fresh analysis of the trojan sLoad sheds light on the growing trend of advanced malware “living off the land” of a targeted system and successfully evading detection and carrying out malicious activities. SLoad is a PowerShell downloader type of malware and is known for its impressive...

7AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/09/13 11:45 a.m.116 views

Cybercriminals Adding Sophistication to BEC Threats

Cybercriminals are boosting their game and employing new tactics to move up the chain of command with more sophisticated business email compromise BEC threats that pose a greater threat to organizations, according to a new report. Advanced BEC attacks–including impersonation attacks and CEO...

0.6AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/06/14 2:4 p.m.116 views

Millions of Linux Servers Under Worm Attack Via Exim Flaw

A widespread campaign is exploiting a vulnerability in the Exim mail transport agent MTA to gain remote command-execution on victims’ Linux systems. Researchers say that currently more than 3.5 million servers are at risk from the attacks, which are using a wormable exploit. Specifically under...

7.5CVSS9.7AI score0.99961EPSS
Exploits27References11
ThreatPost
ThreatPost
added 2019/05/08 4:1 p.m.116 views

Verizon Data Breach Report: Espionage, C-Suite and Cloud Attacks on the Rise

Corporate espionage is on the rise as a motivation for cyberattacks, with a full quarter of all network compromises associated with reconnaissance and data exfiltration in the last 12 months. However, financially motivated attacks aren’t going anywhere; social-engineering attacks aimed at stealin...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2017/04/17 2:6 p.m.116 views

ShadowBrokers' Windows Zero-Days Already Patched

Hours after what was thought to be a damaging release of NSA hacking tools for Windows systems, Microsoft quelled some anxiety with a late-night statement on Friday that most of the vulnerabilities disclosed by the ShadowBrokers had already been patched. The biggest surprise was that the most...

9.3CVSS8.3AI score0.99945EPSS
Exploits61References6
ThreatPost
ThreatPost
added 2015/05/06 1:10 p.m.116 views

Windows Update for Business Uproots Patch Tuesday

Scheduled patch deliveries are so last decade—and thankfully, it looks like they’re over when it comes to Microsoft Patch Tuesday. Microsoft this week at its Ignite event introduced its new security update scheme called Windows Update for Business, which debuts in Windows 10 with several new...

9.3CVSS8.7AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2021/01/15 9:47 p.m.115 views

Microsoft Implements Windows Zerologon Flaw 'Enforcement Mode'

Microsoft is taking matters into its own hands when it comes to companies that haven’t yet updated their systems to address the critical Zerologon flaw. The tech giant will soon by default block vulnerable connections on devices that could be used to exploit the flaw. Starting Feb. 9, Microsoft...

9.3CVSS8.3AI score0.99512EPSS
Exploits75References13
ThreatPost
ThreatPost
added 2020/07/31 4:8 p.m.115 views

CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report

CWT, a giant in the corporate travel agency world with a global clientele, may have faced payment of $4.5 million to unknown hackers in the wake of a ransomware attack. Independent malware hunter @JAMESWT tweeted on Thursday that a malware sample used against CWT formerly known as Carlson Wagonli...

0.9AI score
Exploits0References27
ThreatPost
ThreatPost
added 2019/12/12 11:0 a.m.115 views

Retail Org Cyberattacks Set to Soar 20% in 2019 Holiday Season

As cybercriminals grow more sophisticated and holiday shoppers continue to flock online, researchers warn internet-based retailers could face a 20 percent uptick in cyberattacks this holiday season compared to last year. In the report titled “Holiday Season Cyber Heists”, released Thursday mornin...

7.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2019/11/12 7:7 p.m.115 views

Intel Warns of Critical Info-Disclosure Bug in Security Engine

A critical security bug in the Intel Converged Security and Manageability Engine CSME could allow escalation of privilege, denial of service or information disclosure. The details are included in a bug advisory that in total covers 77 vulnerabilities, 67 of which were found by internal Intel staf...

7.5CVSS1.1AI score0.0552EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2019/09/10 6:50 p.m.115 views

ThreatList: Amidst Data Breaches, Account Creation Fraud Soars in 2019

The first half of 2019 saw a 13 percent increase in fraudulent activity compared to the previous six months, with a spike in June representing the highest-volume bot attack that’s been recorded since 2016, according to an analysis from LexisNexis Risk Solutions. The firm’s report, with data glean...

1.2AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/02/07 3:43 p.m.115 views

Flaw in Multiple Airline Systems Exposes Passenger Data

Researchers have discovered that multiple airline e-ticketing systems do not encrypt check-in links. The security faux pas could allow bad actors on the same network as the victim to view – and in some cases even change – their flight booking details or boarding passes. Security researchers at...

0.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2018/07/02 6:32 p.m.115 views

ThreatList: Exploit Kits Still a Top Web-based Threat

What we can glean from a 2018 roundup of current web-threats is old vulnerabilities die hard. In a report, released by Palo Alto Networks Unit 42, researchers said so far this year cybercriminals are targeting unpatched PCs with ancient CVEs and well-known exploit kits. Here is a ThreatList from...

10CVSS8.9AI score0.94996EPSS
Exploits54References8
ThreatPost
ThreatPost
added 2017/04/25 1:45 p.m.115 views

xDedic Market Spilling Over With School Servers, PCs

Nearly two-thirds of servers and PCs peddled on the xDedic underground marketplace belong to schools and universities, and most are based in the United States. In a recent analysis of xDedic, Flashpoint found that besides the education sector, PC and servers tied to healthcare and legal firms mak...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2022/04/20 4:24 p.m.114 views

Most Email Security Approaches Fail to Block Common Threats

On overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware. That’s according to a survey of business customers using Microsoft 365 for email commissioned by Cyren and conducted by Osterman Research...

7.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/01/26 11:0 a.m.114 views

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

A vulnerability in the popular TikTok short-form video-sharing platform could have allowed attackers to easily compile users’ phone numbers, unique user IDs and other data ripe for phishing attacks. TikTok, owned by ByteDance, has more than 800 million active users worldwide. The vulnerability,...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/07/07 8:5 p.m.114 views

Keeper Threat Group Rakes in $7M from Hundreds of Compromised E-Commerce Sites

Since its launch three years ago, the Keeper threat group has compromised more than 570 e-commerce websites, from online liquor stores to Apple product resellers. And experts warn of future, increasingly sophisticated attacks against online merchants worldwide. The Keeper group, a faction of the...

8.2AI score0.0552EPSS
Exploits1References14
ThreatPost
ThreatPost
added 2020/01/09 7:4 p.m.114 views

Exploit Fully Breaks SHA-1, Lowers the Attack Bar

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 SHA-1 code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2019/11/26 11:0 a.m.114 views

Black Friday Shoppers Targeted By Scams and Fake Domains

Black Friday and Cyber Monday-related scams are nothing new — but researchers warn that this year, they are seeing an uptick in scams using more sophisticated methods to lure users to hand over their payment data. Research released Tuesday by ZeroFOX uncovered some of the threats that attackers a...

Exploits0References9
ThreatPost
ThreatPost
added 2019/09/17 12:18 p.m.114 views

LastPass Fixes Bug That Leaks Credentials

LastPass has patched a bug that could potentially allow malicious websites to access a web user’s credentials from a previously visited site. Tavis Ormandy, a vulnerability researcher from Google Project Zero, discovered the flaw in the LastPass password manager and published it on the project’s...

1.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/08/07 11:0 p.m.114 views

Black Hat 2019: Microsoft Protocol Flaw Leaves Azure Users Open to Attack

LAS VEGAS – A path-traversal vulnerability in Microsoft’s Remote Desktop Protocol RDP leaves unpatched Azure customers open to attack. The flaw could allow for a virtual machine VM escape in Microsoft’s Hyper-V Manager, part of its Azure cloud platform. Researchers with Check Point at a Wednesday...

8.5CVSS8.2AI score0.70966EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2019/05/21 4:1 p.m.114 views

Cisco Starts Patching Firmware Bug; Millions of Devices Still Vulnerable

Cisco has issued a handful of firmware releases for a high-severity vulnerability in Cisco’s proprietary Secure Boot implementation that impacts millions of its hardware devices, across the scope of its portfolio. The patches are the first in a planned series of firmware updates that will roll ou...

7.2CVSS0.2AI score0.00611EPSS
Exploits0References8
ThreatPost
ThreatPost
added 2019/03/29 7:4 p.m.114 views

Critical RCE Bug in Cisco WebEx Browser Extensions Faces 'Ongoing Exploitation'

A critical vulnerability in Cisco WebEx browser extensions that could allow unauthenticated remote code-execution RCE on targeted machines is being actively exploited in the wild. The news comes just days after Cisco issued a flurry of 24 different patches for its IOS XE operating system and warn...

9.3CVSS0.4AI score0.27231EPSS
Exploits6References6
ThreatPost
ThreatPost
added 2019/01/28 4:4 p.m.114 views

Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution

UPDATE Malicious scanning activity targeting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN routers is underway, with a swell of opportunistic probes looking for vulnerable devices ramping up since Friday. According to Bad Packets Report’s honeypot data, cyberattackers are targeting a...

9CVSS7.7AI score0.99876EPSS
Exploits26References7
ThreatPost
ThreatPost
added 2017/09/11 3:2 p.m.114 views

Apache Foundation Refutes Involvement in Equifax Breach

A group of developers behind Apache Struts, believed by some to be the culprit behind last week’s Equifax breach, took umbrage with those claims over the weekend. René Gielen, vice president of the Apache Struts Project Management Committee PMC at the Apache Software Foundation, wrote Saturday th...

10CVSS9.8AI score0.99999EPSS
Exploits66References13
ThreatPost
ThreatPost
added 2015/07/08 11:19 a.m.114 views

Hacking Team Flash Zero Day Weaponized in Exploit Kits

Handlers for three major exploit kits have managed to utilize in short order a zero-day vulnerability in Adobe Flash Player uncovered among the 400 Gb of data stolen from Hacking Team. Experts, including French researcher Kafeine and a number of others from security companies, revealed last night...

10CVSS9.5AI score0.99344EPSS
Exploits29References12
ThreatPost
ThreatPost
added 2015/05/11 1:18 p.m.114 views

Elasticsearch Elastichoney Honeypot Shows 8,000 RCE Attacks

Hackers have taken an interest in Elasticsearch, a popular enterprise search engine. A researcher based in Texas, whose own Elasticsearch server was hacked, today published results collated from a honeypot he built to get a sense of how widespread attacks are against the vulnerability that did in...

7.5CVSS9.9AI score0.99906EPSS
Exploits19References4
ThreatPost
ThreatPost
added 2014/12/10 11:12 a.m.114 views

Red October Attackers Return With CloudAtlas APT Campaign

The attackers behind the Red October APT campaign that was exposed nearly two years ago have resurfaced with a new campaign that is targeting some of the same victims and using similarly constructed tools and spear phishing emails. Red October emerged in January 2013 and researchers found that th...

9.3CVSS0.3AI score0.99966EPSS
Exploits12References9
ThreatPost
ThreatPost
added 2013/08/06 1:58 p.m.114 views

Scenes from Black Hat USA 2013

!More from Wednesday’s Legal Access Panel Briefinghttps://media.threatpost.com/wp-content/uploads/sites/103/2013/08/07043123/panel.j...

7.3AI score
Exploits0References16
ThreatPost
ThreatPost
added 2022/08/26 4:44 p.m.113 views

Ransomware Attacks are on the Rise

After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service RaaS groups. With data gathered by “actively monitoring the leak sites used by each ransomware group and scraping victim details as they...

6.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2021/11/01 4:28 p.m.113 views

‘Trojan Source’ Hides Invisible Bugs in Source Code

Researchers have found a new way to encode potentially evil source code, such that human reviewers see a harmless version and compilers see the invisible, wicked version. Named “Trojan Source attacks,” the method “exploits subtleties in text-encoding standards such as Unicode to produce source co...

8.3CVSS8.8AI score0.12205EPSS
Exploits5References15
ThreatPost
ThreatPost
added 2021/08/19 2:35 p.m.113 views

Postmortem on U.S. Census Hack Exposes Cybersecurity Failures

Threat actors exploited an unpatched Citrix flaw to breach the network of the U.S. Census Bureau in January in an attack that was ultimately halted before a backdoor could be installed or sensitive data could be stolen, according to a report by a government watchdog organization. However,...

9.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/12/21 9:35 p.m.113 views

Smart Doorbell Disaster: Many Brands Vulnerable to Attack

Smart doorbells, designed to allow homeowners to keep an eye on unwanted and wanted visitors, can often cause more security harm than good compared to their analog door bolt alternatives. Consumer-grade digital doorbells are riddled with potential cybersecurity vulnerabilities ranging from...

0.5AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/28 3:0 p.m.113 views

2021 Healthcare Cybersecurity Priorities: Experts Weigh In

Healthcare cybersecurity is in triage mode. As systems are stretched to the limits by COVID-19 and technology becomes an essential part of everyday patient interactions, hospital and healthcare IT departments have been left to figure out how to make it all work together, safely and securely. Most...

7.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/07/09 6:18 p.m.113 views

Zoom Zero-Day Allows RCE, Patch on the Way

UPDATE A newly discovered bug in the Zoom Client for Windows could allow remote code-execution, according to researchers at 0patch, which disclosed the existence of the flaw on Thursday after pioneering a proof-of-concept exploit for it. The issue was confirmed for Threatpost by a Zoom...

8.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/07/09 2:9 p.m.113 views

BlueLeaks Server Seized By German Police: Report

German authorities have reportedly seized a server hosting the massive BlueLeaks data dump, which was released earlier in June and exposed thousands of sensitive police department and law enforcement files. According to a Wednesday report by PCMag, the server was based in Falkenstein, Germany and...

7.3AI score
Exploits0References12
ThreatPost
ThreatPost
added 2020/05/01 4:47 p.m.113 views

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks

Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell-Welch talk about the biggest news stories of the week ended May 1, including: A “PhantomLance” espionage campaign discovered targeting specific Android victims, mainly in Southeast Asia — which could be the work of the OceanLotus APT...

7.2AI score
Exploits0References25
ThreatPost
ThreatPost
added 2020/03/18 6:0 p.m.113 views

Trend Micro Fixes Critical Flaws Under Attack

Trend Micro has released security updates patching five vulnerabilities in its endpoint security solutions, Apex One and OfficeScan XG for Windows. Specifically, Apex One 2019 and OfficeScan XG SP1 and XG are affected by four critical-severity and one high-severity flaws. Two of these...

10CVSS1.2AI score0.25125EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2019/10/22 5:13 p.m.113 views

No 'Silver Bullet' Fix for Alexa, Google Smart Speaker Hacks

Researchers this week disclosed new ways that attackers can exploit Alexa and Google Home smart speakers to spy on users. The hacks, which rely on the abuse of “skills,” or apps for voice assistants, allow bad actors to eavesdrop on users and trick them into telling them their passwords over the...

6.8AI score
Exploits0References10
Total number of security vulnerabilities5000